Well, kind of. I was notified by Google that there has been phishing pages uploaded on my website that, of course, I did not initiate. I went through the access logs and saw when and how they were uploaded - through a shell script!
I was able to trace and delete 3 different shell scripts located at various locations on my site, but as I keep looking, it seems they are everywhere. Is there any way I can do a site-wide malware scan that would pinpoint these buggers so I can get rid of them?